<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<!--
  PasswordMaker - Creates and manages passwords
  Copyright (C) 2005 Eric H. Jung and LeahScape, Inc.
  http://passwordmaker.org/
  grimholtz@yahoo.com

  This library is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or (at
  your option) any later version.

  This library is distributed in the hope that it will be useful, but WITHOUT
  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  FITNESSFOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
  for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with this library; if not, write to the Free Software Foundation,
  Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
-->
<head>
<title>PasswordMaker. One Password To Rule Them All.&trade;</title>
<script type="text/javascript" src="scripts/hashutils.js"></script>
<script type="text/javascript" src="scripts/l33t.js"></script>
<script type="text/javascript" src="scripts/aes.js"></script>
<script type="text/javascript" src="scripts/md4.js"></script>
<script type="text/javascript" src="scripts/md5.js"></script>
<script type="text/javascript" src="scripts/md5_v6.js"></script>
<script type="text/javascript" src="scripts/ripemd160.js"></script>
<script type="text/javascript" src="scripts/sha1.js"></script>
<script type="text/javascript" src="scripts/sha256.js"></script>
<script type="text/javascript" src="scripts/profileutils.js"></script>
<script type="text/javascript"><!-- // --><![CDATA[

/*
 * Sets up the global functions for the password maker Safari extension.
 * These functions mostly respond to calls from the popup window
 */
    
    
//
// The main password generator function
//
    function generatepassword(hashAlgorithm, key, data, whereToUseL33t, l33tLevel, passwordLength, charset, prefix, suffix) {
        
        // for non-hmac algorithms, the key is master pw and url concatenated
        var usingHMAC = hashAlgorithm.indexOf("hmac") > -1;
        if (!usingHMAC)
        key += data; 
        
        // apply l33t before the algorithm?
        if (whereToUseL33t == "both" || whereToUseL33t == "before-hashing") {
            key = PasswordMaker_l33t.convert(l33tLevel, key);
            if (usingHMAC) {
                data = PasswordMaker_l33t.convert(l33tLevel, data); // new for 0.3; 0.2 didn't apply l33t to _data_ for HMAC algorithms
            }
        }
        
        // apply the algorithm
        var password = "";
        switch(hashAlgorithm) {
            case "sha256":
            password = PasswordMaker_SHA256.any_sha256(key, charset);
            break;
            case "hmac-sha256":
            password = PasswordMaker_SHA256.any_hmac_sha256(key, data, charset, true);
            break;
            case "hmac-sha256_fix":
            password = PasswordMaker_SHA256.any_hmac_sha256(key, data, charset, false);
            break;
            case "sha1":
            password = PasswordMaker_SHA1.any_sha1(key, charset);
            break;
            case "hmac-sha1":
            password = PasswordMaker_SHA1.any_hmac_sha1(key, data, charset);
            break;
            case "md4":
            password = PasswordMaker_MD4.any_md4(key, charset);
            break;
            case "hmac-md4":
            password = PasswordMaker_MD4.any_hmac_md4(key, data, charset);
            break;
            case "md5":
            password = PasswordMaker_MD5.any_md5(key, charset);
            break;
            case "md5_v6":
            password = PasswordMaker_MD5_V6.hex_md5(key, charset);
            break;
            case "hmac-md5":
            password = PasswordMaker_MD5.any_hmac_md5(key, data, charset);
            break;
            case "hmac-md5_v6":
            password = PasswordMaker_MD5_V6.hex_hmac_md5(key, data, charset);
            break;
            case "rmd160":
            password = PasswordMaker_RIPEMD160.any_rmd160(key, charset);
            break;
            case "hmac-rmd160":
            password = PasswordMaker_RIPEMD160.any_hmac_rmd160(key, data, charset);
            break;
            default:
            password = key;
        }
        // apply l33t after the algorithm?
        if (whereToUseL33t == "both" || whereToUseL33t == "after-hashing")
            password = PasswordMaker_l33t.convert(l33tLevel, password);
        
        if( password.length > passwordLength ) password = password.substr(0,passwordLength);
        
        return password;
    }
        


// take a full URL and parse it according to the provided profile
function parseURL( url, profile ) {
    if( typeof url == 'undefined' || url == null ) 
        return "no URL";
    
    //console.log('Parse URL: ' + url );
    
    if( profile.useText > "" ) return profile.useText;
    
    
    var a = document.getElementById('urlanchor');
    a.href = url;
    
    // a quick cheat - if the last domain part is two letters, assume it's a three-level domain
    var hostparts = a.hostname.split('.');
    var sliceat = ( hostparts[hostparts.length-1].length == 2 ) ? -3 : -2;
    var domain = hostparts.slice(sliceat).join('.');
    var subdomain = hostparts.slice(0,sliceat).join('.');

    var rval = "";
    if( profile.useProto ) {
        //console.log('using proto=' + a.protocol + '//' );
        rval += a.protocol + '//';
    }
    if( profile.useSubdom ) {
        //console.log('using subdomain=' + subdomain );
        rval += subdomain;
    }
    if( profile.useDomain ) {
        //console.log('using domain=' + domain );
        rval += domain;        
    }
    if( profile.usePath ) {
        //console.log('using path=' + a.port + a.pathname + a.search + a.hash );
        rval += a.port + a.pathname + a.search + a.hash;
    }
    
    return rval;
    
    
}
    
    //
    //
    // EVENT HANDLERS - used for Safari exension to work with the injected script
    //
    //
    safari.application.addEventListener("message",foundHandler,true);
   
    function foundHandler(event) {
        if( event.name == "getProfileNames" ) {
            //console.log("getProfileNames request from ", event.target);
            event.target.page.dispatchMessage("profileNames", getProfileNames() );
        }
        
        else if( event.name == "getProfile" ) {
            //console.log("getProfile request from ", event.target);
            event.target.page.dispatchMessage("profile", getProfile(event.message));
        }

        else if( event.name == "updateProfile" ) {
            //console.log("updateProfile request for ", event.message.name, " from ", event.target);
            var currentNames = getProfileNames();
            saveProfile( event.message );
            if( getProfileNames().length != currentNames.length )
                event.target.page.dispatchMessage("profileNames", getProfileNames() );
            
            event.target.page.dispatchMessage("profile", getProfile(event.message.name) );
        }
        
        else if( event.name == "deleteProfile" ) {
            //console.log("deleteProfile request for ", event.message, " from ", event.target);
            deleteProfile( event.message );
            event.target.page.dispatchMessage("profileNames", getProfileNames() );
            event.target.page.dispatchMessage("profile", getProfile() );
        }
        
        else {
            console.log('message received: ', event.name, ' = ', event.value);
        }
        
    }

//]]></script>
</head>
<body>
    <div style="display:none">
        <a id="urlanchor"></a>
    <div>
</body>
</html>
